How to Recognize Fraud in Online retail and what to do about it

How To Catch a Thief Before Christmas? A Case Study about Selling Online and Identity Theft

Hello fellow Entrepreneurs and small business owners,

It is that time of year….time when online retailers must be primed for fraud prevention and identity theft issues. In my many years of running a online retail operation, I have worked with the IT staff to find automated ways to prevent fraud. Despite what Visa, Discover Card, and American Express will try to tell merchants, they have a huge identity theft issue with stolen credit cards.  What makes matters worse is that online retailers bear the brunt of this problem and endure the financial losses when it comes to fraud. Why?

The card holder alerts American Express about the fraudulent charge, Amex does a chargeback, and the merchant is out the merchandise and the money. No recourse.

Are you an online retailer that is tired of being a victim?

Here is an inside look at the way we check for fraud. I believe in the theory of exception order processing. What this means is that orders that fit a predefined set of rules are further checked for validity.

What are our simple rules? I think it will be better to tell it as a case study. You can see the flags as indicators of the rules we have set up to alert us to fraud.

1. The processing team see a large order (flag 1) with different billing and shipping (flag 2). Furthermore, the shipping address is Miami, FL, (flag 3) exactly where thieves will want items sent to get stolen goods out of the country quickly.

2. Our staff checks the email address and it was Yahoo, a free untraceable email address (flag 4).

3. The staff reviews the phone number and it is Miami area code, not Irving TX. (flag 5) This alerts them to the fact the thief wanted us to call that number. If our staff would have just called the 305 number, they probably would have talked to somebody who said “sure, that’s me SHIP IT!”.

4. The team knows that the billing address has to be correct.

5. The team does some simple internet research on the billing information.

6. They find a Dallas number tied to the billing customer’s name and address.

7. They call the number to verify the order.

8. In this specific example it was fraud.

Fraud prevention takes time, and you have to monitor. Fraud never stops, because contrary to what the police want us to believe – Crime does pay…if you find an easy target.

In our experience, the criminals want to hit when people are not paying attention, so the day before Holiday breaks are especially good times to strike.

In our case, there is a reason this guy submitted an order with a stolen credit card on a Friday afternoon. I am sure he knows when it is best to strike after doing it for awhile.

No to Mondays – yes to Fridays on a weekly basis.

Employees are not paying attention, they are thinking about the weekend. Since it can be hard to monitor every single order, it is wise to set up an automated monitoring system to do the tedious work for you. Our team at can help you with that process.

Happy Holidays Everyone!


Bozeman’s internet marketing expert and crime stopper

{ 1 comment… read it below or add one }

Robert Moskowitz December 20, 2010 at 7:54 pm

state-of-the-art “fingerprinting” technology built into the Fraud Shield Online anti-fraud software system provides merchants with powerful new tools to identify fraudulent orders before they can produce any losses.

The Problem

Every online internet marketing merchant (located in Bozeman or big cities) can be targeted and fears online fraud. By some reports, cybercrimes rose about 650 percent between 2001 and 2009, costing online businesses approximately $560 million in 2009, while fraudulent credit card transactions in 2010 are occurring at least 30 percent more often than last year, and growing in sophistication. International fraudsters’ “take” from online merchants this year could easily total more than $2 billion.

To accomplish these massive swindles, many online fraudsters pose as honest affiliates of the legitimate marketing networks that supply millions of merchants with increased website traffic. These networks generally require merchants to pay for their traffic within a week or so, far too quickly for them to be protected by conventional warning signs of fraud, such as chargebacks, non-deliverable merchandise, and complaints from customers about stolen credit card information or merchandise orders they never placed.

By the time the phony orders flooding in are recognized, the victimized merchant has already paid the fraudulent affiliates, and may also have shipped the merchandise, incurred the chargebacks, jeopardized its merchant account, and expended resources on the administrative tasks associated with all these activities. Meanwhile, the fraudster has banked the money and disappeared, and is already gearing up to repeat the same crime spree again under other names.

The Solution

Now a remarkable, new defense is available to online ecommerce merchants. Fraud Shield Online, developed by an online merchant to protect itself against this and other forms of online fraud, uses a variety of technologies and databases to perform a sophisticated analysis of every incoming transaction – before it ever reaches the merchant’s order-processing system.

One of several innovative technologies that allow Fraud Shield Online to provide such a powerful defense against online fraud is its ability to “fingerprint” the computer that sends each order. By piercing the apparent – and easily spoofed – identity of any computer sending transactions, Fraud Shield Online discovers the computer’s actual Internet Protocol address, its IP service provider, its geographical location, and even its Media Access Control number or MAC address (an identifier – incorporating the manufacturer’s name and the item’s serial number – that’s unique for every piece of hardware connected to the Internet).

Taken together, this “fingerprint” information furnishes online merchants and internet marketers with several important opportunities to spot a fraudulent merchandise order and reject it.
For example, a computer that has previously sent fraudulent orders deserves extra scrutiny on any subsequent orders it originates. In addition, orders are inherently suspicious when sent by a computer located thousands of miles from the credit card owner’s home address, or by a computer that is trying to disguise its geographical location.

In all, Fraud Shield Online performs about 50 different tests for signs of online fraud, enabling it to instantly and automatically sort all incoming orders into “safe” and “fraudulent” transaction streams for merchant processing and rejection, respectively. A merchant can also choose to define gray areas between those two categories, and manually verify each of those suspicious transactions before filling it.

Merchants using Fraud Shield Online can easily dial in the level of risk they’re willing to accept, and dial out the ability of fraudulent affiliates – and other fraudsters – to pick their pockets online.

Leave a Comment

Previous post:

Next post: